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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the amendment filed on June 20, 2005. Claims 1 -1 9 
were originally received for consideration. Per the received amendment, claims 1 ,4,5, 
and 19 are amended. Claims 1-19 are currently being considered. 

Response to Arguments 

2. Applicant's arguments filed June 20, 2005 have been fully considered but they 
are not persuasive because: 

Regarding amended independent claim 1 , the applicant argues that there is no 
motivation to combine Fpth (U.S. Patent Publication No. 2003/0068045) with McGarvey 
et al. (U.S. Patent Publication No. 2003/0028773). This argument is not found 
persuasive. The applicant asserts that there is no need for delegation credentials and 
that the adaptor communicates directly with the document repository. The Examiner 
does not find this argument persuasive. The adaptor of Foth, which can be 
incorporated in the printer, does not communicate directly with the data center 
(document repository), but it does go through the Internet (Figure 1). McGarvey states 
that networked computer application are often deployed using a tiered model, which a 
client model (mobile device) initiates a program via a client program to a web server 
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(middle-tier server) which then communicates on behalf of the originator to other 
middle-tier servers such as database servers or resource managers (document 
repository) (paragraph 2). The system of Foth as described above, fits into this tiered 
model, and therefore, it does not teach away from using a delegation credential as the 
request has to traverse multiple hops through the Internet which is insecure, so a 
secure propagation of credentials through the multiple hops using a delegation 
credential would enhance the system of Foth. Therefore, in view of the above 
reasoning and the reasoning presented in the previous Office action, the rejection is 
maintained for claims 1-19 as given below. 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 1 and 19 recites the limitation "the document repository" in the first 
limitation. The preamble discloses a "client-server-document repository system," but 
this does not supply sufficient antecedent basis as a system is being disclosed and not 
the actual document repository. There is insufficient antecedent basis for this limitation 
in the claim. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-10, 12-19 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Foth (U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey 
et al. (U.S. Patent Application Publication No. 2003/0028773). 

Regarding claim 1 , Foth discloses: 

In a client-server-document repository system, a secure method for remote 
action by reference, comprising: 

"sending, from the client to the server, user credentials to release a 
document stored in the document repository and the address of the document 
(page 2: paragraphs 23-24); 

"verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 

"if verified, sending, from the server to the document repository, server 
credentials, and the address of the document (page2: paragraphs 23-24) 

"verifying, at the document repository, the server's credentials' (page 2: 
paragraphs 23-24); 

"if verified, sending the document from the document repository to the 
server" (page 2: paragraph 24); and 
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"performing the action on the document at the serve? (page 2: paragraph 

24). 



Foth does not explicitly disclose the method of "using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an 
action on the document. McGarvey discloses using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an action on 
the document (page 4-5: paragraphs 45-52). McGarvey delineates a client sending a 
signed credential to a middle-tier server (server), which then sends the credential to a 
back-end server (document repository) for authentication on behalf of the client. 
McGarvey states that tiered network approaches are common, whereby in a tiered 
approach, the originator for a unit of work communicates via a client program, which 
then communicates with a middle-tier server (i.e. a web server) which then can access 
a database or other resource managers (i.e. document repository) (page 1 : paragraph 
2). McGarvey further states that "such a tiered approach to network applications may 
create a need for the secure propagation of security credentials of the request originator 
through each of the tiers of the application" (page 1 : paragraph 3) and that "in such 
propagation of secure credentials, the request originator delegates to middle-tier 
servers the authority to access other servers on their behalf (page 1 : paragraph 3). 
Foth and McGarvey are analogous arts in that both deal with a tiered approach to 
access information from a back-end server (document repository) by going through a 
middle-tier server. The middle-tier server as applied to Foth would be the printer with 
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the built in adaptor, and the back-end server would be the document repository where 
the document that is requested to be printed resides. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to use the 
delegation credentials provided by McGarvey in conjunction with the user and server 
credentials of Foth, to allow the propagation of security credentials by allowing the 
middle-tier server to act on behalf of the client in accessing the back-end servers. 

Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 , wherein "the server comprises a printer" (page 2: 
paragraph 20). 

Claim 3 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1, wherein "the server comprises a multi-function device 
for printing, faxing and scanning 1 (page 2: paragraph 20). 

Claim 4 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , further comprising "establishing a secure connection 
between the client and server prior to sending the user credentials, delegation 
credential and address of the document' (page 2: paragraph 21 ). 

Claim 5 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
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The method of claim 1, wherein "the document addreess comprises a URL" 
(page 2: paragraph 23). 

Claim 6 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1 , wherein the delegation credential comprises: 
"URL of the serve?' (page 2: paragraphs 23-24); 
"URL of the document to be fetched' (page 2: paragraphs 23-24); 
Foth does not explicitly disclose a certificate signed by the client, the delegator, 
delegatee, and the access rights delegated to the server. McGarvey discloses a 
credential which has a pre-nonce token which contains the identity of the middle-tier 
server (page 4: paragraph 47), a nonce signed by the client (digital certificate), and a 
random number which can be used for designating the rights of the server by containing 
an expiration date (pages 4-5: paragraphs 47-52). 

Claim 7 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1 , wherein the client comprises "a mobile device" (page 2: 
paragraph 21). 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 
The method of claim 7, wherein the mobile device comprises "a PDA" (page 2: 
paragraph 21). 
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Claim 9 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 

The method of claim 7, wherein the mobile device comprises "a cell phone" 
(page 2: paragraph 21). 

Claim 10 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose the delegation credential including a time limit, wherein 
upon expiration of the time limit, the server's permissions expire. McGarvey discloses a 
random number, which has an expiration date, and at the back-end server, if it is 
determined that the random number received from the middle-tier server is expired, the 
delegation credential is not authenticated. 

Claim 12 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose that the delegation credential comprises a Satchel 
token. McGarvey discloses that the delegation credential includes a pre-nonce token 
which is used for authenticating to a back-end server. 

Claim 13 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 
The method of claim 1. 
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Foth does not explicitly disclose that the delegation credential comprises an SPKI 
certificate. McGarvey discloses that the delegation credential includes a nonce signed 
digitally signed by a user. 



Claim 14 is rejected as applied above in rejecting claim 1. Furthermore, Foth discloses: 

The method of claim 1 , wherein "the server comprises a printer" (page2: 
paragraph 20) and the action comprises "printing the document (page 2: paragraph 
24) and wherein the verifying step comprises "verifying if the client has rights on the 
printer and if not sending an error message to the client (page 2: paragraph 23). 



Claim 15 is rejected as applied above in rejecting claim 14. Furthermore, Foth 
discloses: 

The method of claim 14. Foth does not explicitly state "verifying, at the printer, if 
sufficient media is available." However, it was well-known in the art at the time the 
invention was made, that every time a print job is sent to a printer, that the printer 
checks if it has sufficient memory to process the request. Therefore it would have been 
obvious to one of ordinary skill in the art at the time the invention was made, to check 
for sufficient media before commencing the print job. 



Claim 16 is rejected as applied above in rejecting claim 15. Furthermore, Foth 
discloses: 
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The method of claim 15. Foth does not explicitly disclose "upon printing the 
document, sending the client a notice." However, it was well-known in that art at the 
time of invention was made, that when a print job is completed, a notice will be sent to 
the client. Foth discloses a "secure retrieval of documents" (Abstract) which would 
imply that a user would know exactly when the print job was completed. Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made, to have the server send the client a notice when printing had completed. 

Claim 17 is rejected as applied above in rejecting claim 3. Furthermore, Foth discloses: 

The method of claim 3, wherein 'the delegation credential includes the 
client's access rights associated with the document and constraints on the 
serve?' (page 2: paragraph 23). 

Claim 18 is rejected as applied above in rejecting claim 17. Furthermore, Foth 
discloses: 

The method of claim 17, wherein "the client's access rights include printing, 
faxing, copying, and fetching' (page 2: paragraph 23-24). 
Foth does not explicitly disclose the server's constraints include a predetermined 
number of copies that may be made and a predetermined period of time in which 
actions on the document maybe provided." McGarvey discloses a random number, 
which has an expiration date, and at the back-end server, if it is determined that the 
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random number received from the middle-tier server is expired, the delegation 
credential is not authenticated. 

Regarding claim 19, Foth discloses: 

In a client-server-document repository system, a secure method for remote 
action by reference, comprising: 

' sending, from the client to the server, user credentials to release a 
plurality of documents stored in the document repository and the address of the 
document' (page 2: paragraphs 23-24); 

' verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 

7f verified, sending, from the server to the document repository, server 
credentials, and the address of the document (page2: paragraphs 23-24) 

' verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"if verified, sending the document from the document repository to the 
server" (page 2: paragraph 24); and 

"performing the action on the document at the serve? (page 2: paragraph 24). 
Foth does not explicitly disclose the method of "using a plurality of delegation 
credentials in conjunction with user and server credentials to permit the server to 
perform an action on the document on the user's behalf. McGarvey discloses 
using a delegation credential in conjunction with user and server credentials to permit 
the server to perform an action on the document (page 4-5: paragraphs 45-52). 
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McGarvey delineates a client sending a signed credential to a middle-tier server 
(server), which then sends the credential to a back-end server (document repository) for 
authentication on behalf of the client. A plurality of credentials can be sent if there is a 
plurality of documents that need to be retrieved. McGarvey states that tiered network 
approaches are common, whereby in a tiered approach, the originator for a unit of work 
communicates via a client program, which then communicates with a middle-tier server 
(i.e. a web server) which then can access a database or other resource managers (i.e. 
document repository) (page 1 : paragraph 2). McGarvey further states that "such a 
tiered approach to network applications may create a need for the secure propagation 
of security credentials of the request originator through each of the tiers of the 
application" (page 1 : paragraph 3) and that "in such propagation of secure credentials, 
the request originator delegates to middle-tier servers the authority to access other 
servers on their behalf (page 1 : paragraph 3). Foth and McGarvey are analogous arts 
in that both deal with a tiered approach to access information from a back-end server 
(document repository) by going through a middle-tier server. The middle-tier server as 
applied to Foth would be the printer with the built in adaptor, and the back-end server 
would be the document repository where the document that is requested to be printed 
resides. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to use the delegation credentials provided by McGarvey in 
conjunction with the user and server credentials of Foth, to allow the propagation of 
security credentials by allowing the middle-tier server to act on behalf of the client in 
accessing the back-end servers. 
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5. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Foth 
(U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey et al. (U.S. 
Patent Application Publication No. 2003/0028773) and further in view of Taniguchi et al. 
(U.S. Patent 6,801,962). 

Claim 1 1 is rejected as applied above in rejecting claim 1. The Foth-McGarvey 
combination does not explicitly teach that a delegation credential is used for authorizing 
payment for the action, sending the delegation credential to a payment provider, and 
verifying the credentials at the payment provider. Taniguchi discloses a mobile device 
in communication with a server, whereby the user authenticates to the server, and a 
print job is processed by request from the user, and the printing of the document is 
charged allowing a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(column 2 lines 20-43). The Foth-McGarvey combination teaches sending a delegation 
credential from a client to a server, and sending a delegation credential from a middle- 
tier server to a back-end server, and verifying the delegation credential and the server 
credential at the back-end server. Foth-McGarvey and Taniguchi are analogous arts as 
all deal with servers, and Taniguchi deals with printing using a mobile device in the 
same manner as Foth. It is obvious that the back-end server can be a billing server 
(payment provider), and the user can delegate the server to act on its behalf using the 
same logic described in rejecting claim 1, to provide payment. Therefore it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to use 



Application/Control Number: 10/001,449 Page 14 

Art Unit: 2131 

the payment process disclosed by Taniguchi in conjunction with the system of Foth- 
McGarvey to allow a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(Taniguchi, column 2 lines 20-43). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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